CentOS

It’s no secret that I love using the Directadmin control panel. The interface is very simplistic, and can be archaic at times, but it is very stable, fast, and extremely customization when using the Custombuild 2.0 scripts. Recently, I did just that to deploy Nginx as the back-end web server, instead of the default, which is Apache. Nginx is very fast and performs very well under heavy loads. After migrating serenity-networks.com over, I quickly noticed that none of my links are working. Because I use WordPress, I instantly knew it had something to do with .htaccess or permalinks. The first thing I did was set permalinks to default, and everything started working again. Nginx does not use, nor recognize .htaccess files, which are imperative to URL rewriting, and therefore permalinks. So, I had to figure out how to solve this issue using configuration parameters in the Nginx.conf file. But, this isn’t very straightforward with Directadmin. Here is how to do it.

How to get URL rewrites and WordPress permalinks working with Directadmin, Custombuild 2.0, and Nginx:

The first thing you need to know is how Directadmin handles Nginx configuration files. This is pretty simple. It’s done on a per user bases, and the configuration files are located in /usr/local/directadmin/data/users/username/nginx.conf. Pretty simple. Each username has a folder, and within that folder is an nginx.conf file. This is where you can set parameters per user and even drill down to a specific site for a user. So, the first thing we will do is go to that directory, and edit the appropriate nginx.conf file for your user.

cd /usr/local/directadmin/data/users/

Look for the username for your user and cd into that directory. If you do an ls, you will see many different files.

GlusterFS is one of the fastest growing Open Source storage platforms in existence. It’s very simple to install, scale, and manage. What makes Gluster so amazing, is its ability to scale and replicate. It really sets the bar for software defined storage systems. It runs on whitebox hardware, or virtual machines. Lately, I’ve come across quite a few people that seem to be scared of Gluster and don’t know where to begin. I am here to help! Today, we’re going to install and configure GlusterFS on a CentOS 7 virtual machine; and, we’re going to make it NFS accessible for VM storage. Every hypervisor in existence supports NFS storage for virtual machines, including VMware ESXi / vSphere, Proxmox, Xen, KVM, oVirt, OpenStack, and all the others.

Installing GlusterFS Server and Client on CentOS 7 (two nodes)

I am using two virtual machines, each running CentOS 7. Their hostnames are gfs1 and gfs2. I have added a 40GB second disk to each VM that will be dedicated to GlusterFS. I suggest you have an identically sized second partition or drive on each of your systems as well.

As always, after connecting via SSH or console, go ahead and make sure everything is updated and upgraded on both nodes.

yum -y update

And, let’s go ahead and install a few useful packages (both nodes).

yum -y install nano net-tools wget

Edit the hosts file on both nodes. Make sure both nodes can resolve to each other via hostname.

oVirt, in my opinion, is the biggest contender with VMware vSphere. oVirt has the weight and development resources of Red Hat behind it, which has undoubtedly slingshotted it ahead of the rest of the open source virtualization solutions out there. It has almost all of the “out of the box” features vSphere has, and it works extremely well.

There have been two major holdback concerning oVirt in the past. First, early on it only supported Fedora. This definitely scared many people away, myself included. That is no longer the case as it now supports Fedora, RHEL, and CentOS. The second major drawback is the complexity of installation. Overall the methodology is pretty simple. At a minimum, you need two machines. An oVirt Engine, which is the brains of the operation and powers the web interface, and you have the oVirt Node, which is the “hypervisor.” Although the overall methodology is simple enough, it can really be a pain to install and get working. But, that’s improving as well.

I wrote this guide to help you get your oVirt infrastructure built on CentOS 6.6 easily, and quickly. You will need two servers, at minimum. The good news is that one of them, the oVirt Engine, can be virtualized, running on your currently configured hypervisor of choice. As far as specs, you’ll want to try to be close to the following.

This is enough to work with and get a good idea of what the oVirt platform is capable of. It’s also a solid foundation that can be grown and expanded on to form a production worthy infrastructure. So, lets get started.

Recently, I published a guide outlining how to install OpenVAS 8, from source, on Ubuntu 14. I got some feedback from some folks requesting a guide on installing OpenVAS on CentOS 7, from the binary packages available via yum. FYI, as of this writing, there are no binary packages for OpenVAS 8, hopefully they will come soon. OpenVAS is a top-knoch Open Source package for running vulnerability scans against networks and servers. Every network administration should have an OpenVAS installation tucked away on a virtual machine somewhere. It’s just so easy to monitor all of your systems for vulnerabilities, there’s no excuse not to. Installing OpenVAS from packages is much easier than installing from source. So, as requested, here you go.

How to install OpenVAS 7 on CentOS 7

Although time consuming, compared to installing from source, installing OpenVAS from binary package is a much less involved process. There are a few ‘gotchya’s” when installing to CentOS 7, mostly related to redis, which I’ll cover in this guide.

This guide assumes you have a minimal CentOS 7 server installation and you are logged into the console or via SSH.

First, we need to install a few prerequisites. To do that, run this command.

yum -y update
yum install -y wget net-tools nano

The OpenVAS binary packages aren’t included with the stock repositories. So, we need to enable the Atomicorp repository.

When CentOS 7 was released, it was quickly obvious that CentOS and Red Hat had switched over to firewalld for its firewall control. Although its syntax is a bit easier to work with than iptables, some software out there has issues with it, such as Docker. Some just prefer to stick with the standard iptables syntax because it is what they know and what they are comfortable with. So, if you have CentOS 7 or RHEL 7 installed and want the old iptables back, this guide is for you.

First thing’s first, disable firewalld

# systemctl mask firewalld

Now, lets stop firewalld

# systemctl stop firewalld

It would be a good idea to go ahead and make sure that firewalld is masked and inactive, so lets do just that.

Docker is a slick container based virtualization platform that allows you to run “images,” with minimal overhead. There are many different images available, from full blown OS’s, such as Ubuntu or CentOS, to web apps like WordPress or Ghost. The possibilities are endless, and because resource usage is minimal, you can really do a lot with little resources. You can install docker on all of the major linux distributions, as well as windows. I works fine in a virtual machine, or VPS. I will be installing Docker on a CentOS 7 VM, running on an ESXi hypervisor.

Lets Get Started

I’m assuming you already have your operating system installed, you are sitting at a command prompt. Installation and configuration is very easy on CentOS 7. By default, CentOS uses firewalld. Docker and firewalld do not get along nicely. Docker creates iptables rules directly for access to running containers, and if firewalld is refreshed or restarted, all of the iptables rules docker initiated get wiped by firewalld. So, we will disable firewalld and install the classic iptables functionality. Here are the steps involved:

Install Docker

Disable firewalld

Install iptables configuration scripts

Download Ghost Docker image and run

First, we will go ahead and install Docker. To do this only requires a single, simple command.

# sudo yum install docker

Let’s set up Docker to start at boot time.

# sudo chkconfig docker on

There will be a handful of dependencies, nothing out of the ordinary. If you are already running as root, you can omit the sudo. Next, we need to get firewalld stopped, removed, and iptables configuration scripts installed.

Now you will need to mount the VMware Tools ISO and select “Install/Upgrade VMware Tools” option on ESXi. This can be found a few different ways. I prefer to right click on the virtual machine, then go to guest and click on “Install/Upgrade VMware Tools.”